Deploying & Monitoring Bitdefender
This guide will outline how to deploy, monitor and manage Bitdefender Endpoint Security on Windows devices using Naverisk and the Bitdefender GravityZone Control Center.
This section will cover how you can deploy BitDefender to your client’s workstations and servers using Naverisk.
Prepare the Deployment Package
Login to the Bitdefender GravityZone Control center https://gravityzone.bitdefender.com/ and under Network on the left hand panel select Packages.
Tick the desired package, and click Send download links.
A script pack to install BitDefender – BitDefender Deployment Kit – is available in the Routine Store, or may be pre-installed in your Naverisk console.
Edit the script pack, and under Parameters, enter the download URL that you copied from GravityZone.
Deploying to Devices
Now that you have created your Bitdefender Deployment script, you can either run this manually through the Devices tab or create a scheduled job to deploy this script pack at a designated time.
Please note that the deployment process can take some time, possibly up to 15 minutes, depending on the speed of the client device and internet connection.
While we recommend deploying Bitdefender through Naverisk, you can also use the Bitdefender Remote Installation. You can find the details for this in the Bitdefender Control Center > Essential Steps when you first login to the console (as below).
Monitoring Windows Workstations
Naverisk can integrate into the Microsoft Windows Security Center to provide efficient Antivirus monitoring on your Workstation Devices. Naverisk is able to automatically retrieve information on the status of Antivirus, Firewall and Anti-Spyware software for alerting and reporting purposes, monitoring that the Antivirus or Anti-Spyware application is running, and that the definitions are up to date.
Note: Only Microsoft Workstation Operating Systems from Windows XP – SP3 onwards are supported by the Naverisk Security Center.
Please note that there may be variations on how specific applications are reported across different Windows versions. For example, Windows 7 reports Windows Defender as Anti-Spyware, while Windows 8.1 and 10 report it as Anti-virus.
In order to monitor Server Operating Systems you will require a device role. Configuring device roles to monitor Bitdefender are discussed later in this article.
Setting up Naverisk Security Center Monitoring
To set up Naverisk Security Center follow these steps below.
Log in to Naverisk, Navigate to settings and select the OS Templates Icon,
Monitoring Using Device Roles
Bitdefender can also be monitored using Naverisk device roles. This is particularly applicable to Windows servers, which do not support the Security Center, but can also be used on Windows workstations as well if desired.
A pre-configured Device Role for Bitdefender is included in Naverisk, and is also available for download from the Routine Store.
This monitors the Bitdefender component services, the Event Log for Bitdefender warnings, and checks the definitions. It will also warn if Bitdefender is not installed on a device.
To deploy individually:
1. Navigate to the Devices tab
2. Go into the Device you wish to add the Role to
3. Select the Monitoring tab
4. Select the ‘+’ symbol under the Device Roles Section
Here you will be presented with all the Device Roles you would have seen under the Device Roles in the Settings tab:
5. Select the AV Bitdefender – Endpoint Client role by ticking the check box on the right-hand side of the Device Role.
6. Select Save Roles to assign the Role to this Device.
You can also deploy the role in bulk to multiple devices:
1. Navigate to the Device tab.
2. Select a Client that you wish to deploy your Device Roles to.
3. Select the multiple Devices with the use of the check boxes situated next to the Device on the left hand side as per the screenshot below:
5. You will now be presented with a list of Device Roles that is available for assigning to your Devices:
6. Select the AV Bitdefender – Endpoint Client role by ticking the check box beside the role.
7. Click Add Roles.
For more details on working with Device Roles, see the Device Roles guide under Naverisk Help.
Tickets are automatically created when issues arise with a Bitdefender client on any monitored device. These will be assigned an appropriate SLA classification depending on the severity of the issue. These tickets are generated from either the Security Center integration or the Device Role, depending on the type of client device.
Generating Alerts from GravityZone
Bitdefender endpoints communicate directly to the GravityZone Control Center when events such as threats being detected occur. It is easy to configure the console to send these alerts to Naverisk so that your AV monitoring/alerting can be consolidated in one location.
In the GravityZone Control Center, click on the alarm icon at the top left to open the Notifications panel, then the settings icon
The Security Center is an integration from Microsoft Action Center, that uses the Microsoft Action Center API (Application Programming Interface), to retrieve and relay the data that is normally displayed in your Windows OS, to your Naverisk Web Interface.
This data is also integrated into Naverisk’s Reporting system. This allows you to run analytics of your device’s security, which over time can show you where the weak links are, helping you to strengthen your Clients’ security and allowing you to protect their data more efficiently.
Note: Security Monitoring is only compatible with Windows Workstation Devices due to Microsoft not including the Security Center within Server OS’s. You will need a Device Role to monitor Security on a Server.
- If Service monitoring is enabled, a Failure SLA ticket will be created if the Antivirus service is detected as Stopped for more than 600 seconds.
- If Signatures monitoring is enabled, a Failure SLA ticket will be created if the Antivirus signatures are found Outdated for more than 600 seconds.
- If Firewall Service monitoring is Enabled, a Failure SLA ticket will be created if the Firewall is detected as Disabled/Stopped for more than 600 seconds.
- If Service monitoring is enabled, a Failure SLA ticket will be created if the AntiSpyWare service is detected as Stopped for more than 600 seconds.
- If Signatures monitoring is enabled, a Failure SLA ticket will be created if the AntiSpyWare signatures are found Outdated for more than 600 seconds.
Each threshold can be increased or decreased, depending on your needs. The maximum threshold is 999 seconds.
Servers – via Device Roles
Each Bitdefender service and logged event, as well as the result of the definition check, are configured by default to create a ticket to warn you of an issue. The SLA severity of these tickets are also set by default to appropriate values. You can change these by editing the Device Role. Please refer to the Device Roles documentation for details on this.
Scheduling Scans & Updates
In order to schedule Bitdefender updates & scans, you will need to configure this through your Bitdefender GravityZone Control Center. We recommend scheduled updates and scans be configured in GravityZone, however you can also trigger updates and scans from Naverisk.
In the Control Center this can be done through the Policies Tab and configured to suit your needs:
To do this, you will need to navigate to the Network tab and select the Device you wish to assign the policy too.
Once you have selected the Devices or group of Devices, click Assign Policy:
Running Scans & Updates from Naverisk
In addition to using the GravityZone Control Center, you can also manually trigger scans and updates as well as checking the Bitdefender endpoint status from Naverisk. A set of script packs are available in Naverisk, and are also available for download from the Routine Store.
BitDefender Tools – Is Update in Progress: Check to see if an update is currently running.
BitDefender Tools – Get Version: Returns the current version number of the installed Bitdefender client.
BitDefender Tools – Is Restart Needed: Determines if a system restart is required to enable full protection. This is sometimes required after initial installation or a client upgrade.
BitDefender Tools – Check Definition: Checks to see if the definitions have been updated in the last 24 hours.
BitDefender Tools – Start Update: Trigger a definitions update on the endpoint.
BitDefender Tools – Scan: Start a Quick Scan on the endpoint.
The results of these scripts will be returned in the usual manner for Naverisk Script Packs, and will also write the result to the device event log. If the Bitdefender device role has been applied to the device, an entry in the device Audit tab will be created, and an alert raised if required (e.g. definitions not updated).
Reports can be generated in Naverisk that show your customer’s antivirus status. Bitdefender also provides additional reporting via the GravityZone Control Center.
The Antivirus Detail report can be found under the Reports tab > Device > Antivirus Detail and will look like the below example:
Note: That data may be incomplete when clients are first configured. Waiting at least 24 hours for data to be retrieved and logged by Naverisk should provide you with better results.
The Antivirus Summary report can be found in the Reports tab > Client Facing > Antivirus Summary. It will appear as a pie graph as per the below example:
Automate your service delivery with Naverisk:
Naverisk is an all-in-one RMM, Service Desk & PSA solution for MSPs and IT Professionals.
From monitoring and device management to ticketing and billing, Naverisk removes the need for running multiple programs.
Take advantage of Naverisk’s powerful automation features with a FREE demo today!